Certified Ethical Hacker (CEH v10) — Question 70

What is the least important information when you analyze a public IP address in a security alert?

Answer options

• A. ARP
• B. Whois
• C. DNS
• D. Geolocation

Correct answer: A

Explanation

ARP is primarily used for resolving IP addresses to MAC addresses within a local network and does not provide much relevant information for analyzing external threats. In contrast, Whois, DNS, and Geolocation are more pertinent for understanding the ownership and location of the IP address, making them more important in a security context.